1. Field of the Invention
This invention relates generally to the field of casino gaming terminals, gaming kiosks and lottery gaming terminals.
2. Description of the Related Art
On-line download of updated software and new games has been performed routinely with lottery terminals since the on-line capture of lottery slips started to be deployed in the late 1980s. The techniques and procedures have been refined along the years and are now considered as essential features. On the other hand, casino regulators have always been reluctant to introduce on-line download of updated software and of new games for casino gaming machines. Such reluctance stems from concerns relative to unauthorized intrusion and malicious modification of software code. These concerns are understandable, particularly since the late 1990s because of the general trend of constructing gaming terminals using standard PC hardware and PC software platforms that are subject to assault by hackers that are well versed in the techniques for taking advantage of the known weaknesses and flaws of such platforms. Even now with lotteries, the appeal of making use of the broadband public Internet network instead of private networking is considerable, but there are indeed significant security concerns and consequently new plans are blurred with uncertainty.
Although specialized download utilities and software update utilities such as Windows Installer, InstallShield and GetRight include data integrity verification mechanisms to ensure that the downloaded code is not corrupted; there is no mechanism to ensure that the code has not been tampered with. While secure Internet software download technologies such as Authenticode employ powerful PKI (Public Key Infrastructure) code signing, there is no fail-proof mechanism to ensure that the code has not been tampered with at a later stage. Once an authorized properly signed software module has started execution, the operating system does not provide means to verify if the code loaded in memory has not been tampered with to execute fraudulent operations.
Although software corporations like Microsoft have lately shifted their development focus to making their software more stable and very secure, there is always the risk that an unknown bug or a back door exists somewhere amongst the millions lines of code that would allow someone to perpetrate some form of cheat. Hidden back-doors might be mandated by the United States' NSA (National Security Agency) to be incorporated in operating systems to enable them to monitor terrorism and drug trafficking. Consequently, some corrupt employees or ex-employees having inner knowledge of these back door accesses might be tempted to fraudulently exploit such inner knowledge. Microsoft operating systems and other modern operating systems such as Linux are too complex and constantly changing to consider comprehensive certification by labs traditionally trusted by game regulators for certifying gaming products made by gaming equipment vendors.
Moreover, using strong PKI code signing techniques does not guaranty that the code can be trusted once verified because the “verifying” tool, or the tool that verifies the verifying tool (and so on) may itself not be trusted.
The approach of the Trusted Computing Platform Alliance (TCPA), whose specification was finalized in January 2001, calls for the creation of a Trusted Platform Module (TPM) that requires a discrete cryptographic processor residing on the PC's motherboard that contains a unique digital signature. Microsoft's security initiative code named “Palladium”, on the other hand, uses new forthcoming hardware security features built directly into microprocessors and supporting chipsets being designed by Intel, AMD and National in order to run some form of low-level encryption, and it can also use a TPM-like module for additional encryption. Microprocessors and supporting chipsets that implement Palladium may support a trusted execution mode that allows cryptographically authenticated programs access to a separate memory area. Such microprocessors may be equipped with a security coprocessor, which stores a unique pair of cryptographic keys in a non-volatile memory. Such a microprocessor and coprocessor may then be combined to create a motherboard that implements Palladium functionality. A corresponding software component, called the Trusted Operating Root, works in conjunction with the microprocessor and its coprocessor. The Trusted Operating Root running on the microprocessor and the coprocessor are configured to encrypt data in such a way that no other combination of Trusted Operating Root and coprocessor would be able to decrypt it.
The above security technologies are indeed promising but they require specific hardware that may take several years to be proven and to justify using them in gaming terminals. Furthermore, there may always persist a lingering distrust of such large corporate software providers such as, for example, Microsoft. Consequently, game regulators tend to hold back the deployment of such technologies, thereby discouraging the early adoption of networked multimedia software technologies as applied to the heavily regulated gaming industry.